* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
const char *name;
size_t size;
int (*init)(void *);
- int (*auth)(void *, struct connectdata *);
+ int (*auth)(void *, struct Curl_easy *data, struct connectdata *);
void (*end)(void *);
int (*check_prot)(void *, int);
int (*overhead)(void *, int, int);
#define AUTH_ERROR 2
#ifdef HAVE_GSSAPI
-int Curl_sec_read_msg(struct connectdata *conn, char *,
+int Curl_sec_read_msg(struct Curl_easy *data, struct connectdata *conn, char *,
enum protection_level);
void Curl_sec_end(struct connectdata *);
-CURLcode Curl_sec_login(struct connectdata *);
+CURLcode Curl_sec_login(struct Curl_easy *, struct connectdata *);
int Curl_sec_request_prot(struct connectdata *conn, const char *level);
#else
#define Curl_sec_end(x)
/* handle the security-oriented responses 6xx ***/
switch(code) {
case 631:
- code = Curl_sec_read_msg(conn, buf, PROT_SAFE);
+ code = Curl_sec_read_msg(data, conn, buf, PROT_SAFE);
break;
case 632:
- code = Curl_sec_read_msg(conn, buf, PROT_PRIVATE);
+ code = Curl_sec_read_msg(data, conn, buf, PROT_PRIVATE);
break;
case 633:
- code = Curl_sec_read_msg(conn, buf, PROT_CONFIDENTIAL);
+ code = Curl_sec_read_msg(data, conn, buf, PROT_CONFIDENTIAL);
break;
default:
/* normal ftp stuff we pass through! */
set a valid level */
Curl_sec_request_prot(conn, data->set.str[STRING_KRB_LEVEL]);
- if(Curl_sec_login(conn))
+ if(Curl_sec_login(data, conn))
infof(data, "Logging in with password in cleartext!\n");
else
infof(data, "Authentication successful\n");
/**
* Curl_http_output_auth() setups the authentication headers for the
* host/proxy and the correct authentication
- * method. conn->data->state.authdone is set to TRUE when authentication is
+ * method. data->state.authdone is set to TRUE when authentication is
* done.
*
+ * @param data all information about the current transfer
* @param conn all information about the current connection
* @param request pointer to the request keyword
* @param httpreq is the request type
#include "curl_memory.h"
#include "memdebug.h"
-static CURLcode ftpsend(struct connectdata *conn, const char *cmd)
+static CURLcode ftpsend(struct Curl_easy *data, struct connectdata *conn,
+ const char *cmd)
{
ssize_t bytes_written;
#define SBUF_SIZE 1024
write_len += 2;
bytes_written = 0;
- result = Curl_convert_to_network(conn->data, s, write_len);
+ result = Curl_convert_to_network(data, s, write_len);
/* Curl_convert_to_network calls failf if unsuccessful */
if(result)
return result;
#ifdef HAVE_GSSAPI
conn->data_prot = PROT_CMD;
#endif
- result = Curl_write(conn->data, conn->sock[FIRSTSOCKET], sptr, write_len,
+ result = Curl_write(data, conn->sock[FIRSTSOCKET], sptr, write_len,
&bytes_written);
#ifdef HAVE_GSSAPI
DEBUGASSERT(data_sec > PROT_NONE && data_sec < PROT_LAST);
if(result)
break;
- Curl_debug(conn->data, CURLINFO_HEADER_OUT, sptr, (size_t)bytes_written);
+ Curl_debug(data, CURLINFO_HEADER_OUT, sptr, (size_t)bytes_written);
if(bytes_written != (ssize_t)write_len) {
write_len -= bytes_written;
}
static int
-krb5_auth(void *app_data, struct connectdata *conn)
+krb5_auth(void *app_data, struct Curl_easy *data, struct connectdata *conn)
{
int ret = AUTH_OK;
char *p;
const char *host = conn->host.name;
ssize_t nread;
curl_socklen_t l = sizeof(conn->local_addr);
- struct Curl_easy *data = conn->data;
CURLcode result;
const char *service = data->set.str[STRING_SERVICE_NAME] ?
data->set.str[STRING_SERVICE_NAME] :
for(;;) {
/* this really shouldn't be repeated here, but can't help it */
if(service == srv_host) {
- result = ftpsend(conn, "AUTH GSSAPI");
+ result = ftpsend(data, conn, "AUTH GSSAPI");
if(result)
return -2;
cmd = aprintf("ADAT %s", p);
if(cmd)
- result = ftpsend(conn, cmd);
+ result = ftpsend(data, conn, cmd);
else
result = CURLE_OUT_OF_MEMORY;
mvsnprintf(print_buffer, sizeof(print_buffer), message, args);
va_end(args);
- if(ftpsend(data->conn, print_buffer)) {
+ if(ftpsend(data, data->conn, print_buffer)) {
ftp_code = -1;
}
else {
CURLcode saying whether an error occurred or CURLE_OK if |len| was
written. */
static CURLcode
-socket_write(struct connectdata *conn, curl_socket_t fd, const void *to,
+socket_write(struct Curl_easy *data, curl_socket_t fd, const void *to,
size_t len)
{
const char *to_p = to;
ssize_t written;
while(len > 0) {
- result = Curl_write_plain(conn->data, fd, to_p, len, &written);
+ result = Curl_write_plain(data, fd, to_p, len, &written);
if(!result) {
len -= written;
to_p += written;
/* Send |length| bytes from |from| to the |fd| socket taking care of encoding
and negotiating with the server. |from| can be NULL. */
-static void do_sec_send(struct connectdata *conn, curl_socket_t fd,
- const char *from, int length)
+static void do_sec_send(struct Curl_easy *data, struct connectdata *conn,
+ curl_socket_t fd, const char *from, int length)
{
int bytes, htonl_bytes; /* 32-bit integers for htonl */
char *buffer = NULL;
return; /* error */
if(iscmd) {
- error = Curl_base64_encode(conn->data, buffer, curlx_sitouz(bytes),
+ error = Curl_base64_encode(data, buffer, curlx_sitouz(bytes),
&cmd_buffer, &cmd_size);
if(error) {
free(buffer);
static const char *enc = "ENC ";
static const char *mic = "MIC ";
if(prot_level == PROT_PRIVATE)
- socket_write(conn, fd, enc, 4);
+ socket_write(data, fd, enc, 4);
else
- socket_write(conn, fd, mic, 4);
+ socket_write(data, fd, mic, 4);
- socket_write(conn, fd, cmd_buffer, cmd_size);
- socket_write(conn, fd, "\r\n", 2);
- infof(conn->data, "Send: %s%s\n", prot_level == PROT_PRIVATE?enc:mic,
+ socket_write(data, fd, cmd_buffer, cmd_size);
+ socket_write(data, fd, "\r\n", 2);
+ infof(data, "Send: %s%s\n", prot_level == PROT_PRIVATE?enc:mic,
cmd_buffer);
free(cmd_buffer);
}
}
else {
htonl_bytes = htonl(bytes);
- socket_write(conn, fd, &htonl_bytes, sizeof(htonl_bytes));
- socket_write(conn, fd, buffer, curlx_sitouz(bytes));
+ socket_write(data, fd, &htonl_bytes, sizeof(htonl_bytes));
+ socket_write(data, fd, buffer, curlx_sitouz(bytes));
}
free(buffer);
}
-static ssize_t sec_write(struct connectdata *conn, curl_socket_t fd,
- const char *buffer, size_t length)
+static ssize_t sec_write(struct Curl_easy *data, struct connectdata *conn,
+ curl_socket_t fd, const char *buffer, size_t length)
{
ssize_t tx = 0, len = conn->buffer_size;
if(length < (size_t)len)
len = length;
- do_sec_send(conn, fd, buffer, curlx_sztosi(len));
+ do_sec_send(data, conn, fd, buffer, curlx_sztosi(len));
length -= len;
buffer += len;
tx += len;
struct connectdata *conn = data->conn;
curl_socket_t fd = conn->sock[sockindex];
*err = CURLE_OK;
- return sec_write(conn, fd, buffer, len);
+ return sec_write(data, conn, fd, buffer, len);
}
-int Curl_sec_read_msg(struct connectdata *conn, char *buffer,
- enum protection_level level)
+int Curl_sec_read_msg(struct Curl_easy *data, struct connectdata *conn,
+ char *buffer, enum protection_level level)
{
/* decoded_len should be size_t or ssize_t but conn->mech->decode returns an
int */
size_t decoded_sz = 0;
CURLcode error;
+ (void) data;
+
if(!conn->mech)
/* not inititalized, return error */
return -1;
{
buf[decoded_len] = '\n';
- Curl_debug(conn->data, CURLINFO_HEADER_IN, buf, decoded_len + 1);
+ Curl_debug(data, CURLINFO_HEADER_IN, buf, decoded_len + 1);
}
buf[decoded_len] = '\0';
DEBUGASSERT(level > PROT_NONE && level < PROT_LAST);
if(!conn->sec_complete) {
- infof(conn->data, "Trying to change the protection level after the"
- " completion of the data exchange.\n");
+ infof(data, "Trying to change the protection level after the"
+ " completion of the data exchange.\n");
return -1;
}
return -1;
if(code/100 != 2) {
- failf(conn->data, "Failed to set the protection's buffer size.");
+ failf(data, "Failed to set the protection's buffer size.");
return -1;
}
conn->buffer_size = buffer_size;
return -1;
if(code/100 != 2) {
- failf(conn->data, "Failed to set the protection level.");
+ failf(data, "Failed to set the protection level.");
return -1;
}
return 0;
}
-static CURLcode choose_mech(struct connectdata *conn)
+static CURLcode choose_mech(struct Curl_easy *data, struct connectdata *conn)
{
int ret;
- struct Curl_easy *data = conn->data;
void *tmp_allocation;
const struct Curl_sec_client_mech *mech = &Curl_krb5_client_mech;
}
/* Authenticate */
- ret = mech->auth(conn->app_data, conn);
+ ret = mech->auth(conn->app_data, data, conn);
if(ret != AUTH_CONTINUE) {
if(ret != AUTH_OK) {
}
CURLcode
-Curl_sec_login(struct connectdata *conn)
+Curl_sec_login(struct Curl_easy *data, struct connectdata *conn)
{
- return choose_mech(conn);
+ return choose_mech(data, conn);
}
#undef LDAPURLDesc
#define LDAPURLDesc struct ldap_urldesc
-static int _ldap_url_parse(const struct connectdata *conn,
+static int _ldap_url_parse(struct Curl_easy *data,
+ const struct connectdata *conn,
LDAPURLDesc **ludp);
static void _ldap_free_urldesc(LDAPURLDesc *ludp);
}
#endif /* #if defined(USE_WINDOWS_SSPI) */
-static int ldap_win_bind(struct connectdata *conn, LDAP *server,
+static int ldap_win_bind(struct Curl_easy *data, LDAP *server,
const char *user, const char *passwd)
{
int rc = LDAP_INVALID_CREDENTIALS;
PTCHAR inuser = NULL;
PTCHAR inpass = NULL;
- if(user && passwd && (conn->data->set.httpauth & CURLAUTH_BASIC)) {
+ if(user && passwd && (data->set.httpauth & CURLAUTH_BASIC)) {
inuser = curlx_convert_UTF8_to_tchar((char *) user);
inpass = curlx_convert_UTF8_to_tchar((char *) passwd);
}
#if defined(USE_WINDOWS_SSPI)
else {
- rc = ldap_win_bind_auth(server, user, passwd, conn->data->set.httpauth);
+ rc = ldap_win_bind_auth(server, user, passwd, data->set.httpauth);
}
#endif
#ifdef HAVE_LDAP_URL_PARSE
rc = ldap_url_parse(data->change.url, &ludp);
#else
- rc = _ldap_url_parse(conn, &ludp);
+ rc = _ldap_url_parse(data, conn, &ludp);
#endif
if(rc != 0) {
failf(data, "LDAP local: %s", ldap_err2string(rc));
}
#ifdef USE_WIN32_LDAP
ldap_set_option(server, LDAP_OPT_PROTOCOL_VERSION, &ldap_proto);
- rc = ldap_win_bind(conn, server, user, passwd);
+ rc = ldap_win_bind(data, server, user, passwd);
#else
rc = ldap_simple_bind_s(server, user, passwd);
#endif
ldap_proto = LDAP_VERSION2;
ldap_set_option(server, LDAP_OPT_PROTOCOL_VERSION, &ldap_proto);
#ifdef USE_WIN32_LDAP
- rc = ldap_win_bind(conn, server, user, passwd);
+ rc = ldap_win_bind(data, server, user, passwd);
#else
rc = ldap_simple_bind_s(server, user, passwd);
#endif
*
* <hostname> already known from 'conn->host.name'.
* <port> already known from 'conn->remote_port'.
- * extract the rest from 'conn->data->state.path+1'. All fields are optional.
+ * extract the rest from 'data->state.path+1'. All fields are optional.
* e.g.
* ldap://<hostname>:<port>/?<attributes>?<scope>?<filter>
* yields ludp->lud_dn = "".
*
* Defined in RFC4516 section 2.
*/
-static int _ldap_url_parse2(const struct connectdata *conn, LDAPURLDesc *ludp)
+static int _ldap_url_parse2(struct Curl_easy *data,
+ const struct connectdata *conn, LDAPURLDesc *ludp)
{
int rc = LDAP_SUCCESS;
char *p;
char *query = NULL;
size_t i;
- if(!conn->data ||
- !conn->data->state.up.path ||
- conn->data->state.up.path[0] != '/' ||
- !strncasecompare("LDAP", conn->data->state.up.scheme, 4))
+ if(!data ||
+ !data->state.up.path ||
+ data->state.up.path[0] != '/' ||
+ !strncasecompare("LDAP", data->state.up.scheme, 4))
return LDAP_INVALID_SYNTAX;
ludp->lud_scope = LDAP_SCOPE_BASE;
ludp->lud_host = conn->host.name;
/* Duplicate the path */
- p = path = strdup(conn->data->state.up.path + 1);
+ p = path = strdup(data->state.up.path + 1);
if(!path)
return LDAP_NO_MEMORY;
/* Duplicate the query if present */
- if(conn->data->state.up.query) {
- q = query = strdup(conn->data->state.up.query);
+ if(data->state.up.query) {
+ q = query = strdup(data->state.up.query);
if(!query) {
free(path);
return LDAP_NO_MEMORY;
LDAP_TRACE(("DN '%s'\n", dn));
/* Unescape the DN */
- result = Curl_urldecode(conn->data, dn, 0, &unescaped, NULL, REJECT_ZERO);
+ result = Curl_urldecode(data, dn, 0, &unescaped, NULL, REJECT_ZERO);
if(result) {
rc = LDAP_NO_MEMORY;
LDAP_TRACE(("attr[%zu] '%s'\n", i, attributes[i]));
/* Unescape the attribute */
- result = Curl_urldecode(conn->data, attributes[i], 0, &unescaped, NULL,
+ result = Curl_urldecode(data, attributes[i], 0, &unescaped, NULL,
REJECT_ZERO);
if(result) {
free(attributes);
LDAP_TRACE(("filter '%s'\n", filter));
/* Unescape the filter */
- result = Curl_urldecode(conn->data, filter, 0, &unescaped, NULL,
- REJECT_ZERO);
+ result = Curl_urldecode(data, filter, 0, &unescaped, NULL, REJECT_ZERO);
if(result) {
rc = LDAP_NO_MEMORY;
return rc;
}
-static int _ldap_url_parse(const struct connectdata *conn,
+static int _ldap_url_parse(struct Curl_easy *data,
+ const struct connectdata *conn,
LDAPURLDesc **ludpp)
{
LDAPURLDesc *ludp = calloc(1, sizeof(*ludp));
if(!ludp)
return LDAP_NO_MEMORY;
- rc = _ldap_url_parse2(conn, ludp);
+ rc = _ldap_url_parse2(data, conn, ludp);
if(rc != LDAP_SUCCESS) {
_ldap_free_urldesc(ludp);
ludp = NULL;
psnd->recv_size > psnd->recv_processed;
}
-static CURLcode pre_receive_plain(struct connectdata *conn, int num)
+static CURLcode pre_receive_plain(struct Curl_easy *data,
+ struct connectdata *conn, int num)
{
const curl_socket_t sockfd = conn->sock[num];
struct postponed_data * const psnd = &(conn->postponed[num]);
/* Have some incoming data */
if(!psnd->buffer) {
/* Use buffer double default size for intermediate buffer */
- psnd->allocated_size = 2 * conn->data->set.buffer_size;
+ psnd->allocated_size = 2 * data->set.buffer_size;
psnd->buffer = malloc(psnd->allocated_size);
if(!psnd->buffer)
return CURLE_OUT_OF_MEMORY;
(void)sockindex;
return false;
}
-#define pre_receive_plain(c,n) CURLE_OK
+#define pre_receive_plain(d,c,n) CURLE_OK
#define get_pre_recved(c,n,b,l) 0
#endif /* ! USE_RECV_BEFORE_SEND_WORKAROUND */
To avoid lossage of received data, recv() must be
performed before every send() if any incoming data is
available. */
- if(pre_receive_plain(conn, num)) {
+ if(pre_receive_plain(data, conn, num)) {
*code = CURLE_OUT_OF_MEMORY;
return -1;
}
projects / thirdparty / curl.git / commitdiff
